Securing Industrial Control Systems and Safety Instrumented Systems : A Practical Guide for Safeguarding Mission and Safety Critical Systems / Jalal Bouhdada and Marco Ayala.

Format:

Book

Author/Creator:

Bouhdada, Jalal, author.

Ayala, Marco, author.

Language:

English

Subjects (All):

Process control--Security measures.

Process control.

Computer security.

Physical Description:

1 online resource (256 pages)

Edition:

First edition.

Place of Publication:

Birmingham, England : Packt Publishing Ltd., [2024]

Summary:

As modern process facilities become increasingly sophisticated and vulnerable to cyber threats, securing critical infrastructure is more crucial than ever. This book offers an indispensable guide to industrial cybersecurity and Safety Instrumented Systems (SIS), vital for maintaining the safety and reliability of critical systems and protecting your operations, personnel, and assets. Starting with SIS design principles, the book delves into the architecture and protocols of safety networks. It provides hands-on experience identifying vulnerabilities and potential attack vectors, exploring how attackers might target SIS components. You’ll thoroughly analyze Key SIS technologies, threat modeling, and attack techniques targeting SIS controllers and engineer workstations. The book shows you how to secure Instrument Asset Management Systems (IAMS), implement physical security measures, and apply integrated risk management methodologies. It also covers compliance with emerging cybersecurity regulations and industry standards worldwide. By the end of the book, you’ll have gained practical insights into various risk assessment methodologies and a comprehensive understanding of how to effectively protect critical infrastructure.

Contents:

Cover

Title Page

Copyright and Credits

Dedications

Foreword

Contributors

Table of Contents

Preface

Part 1: Safety Instrumented Systems

Chapter 1: Introduction to Safety Instrumented Systems (SISs)

Understanding SIS

SIS elements

BPCS versus SIS

SIS applications - where are they used?

What is ICS cybersecurity?

How do IT and engineering communities perceive ICS cybersecurity?

Exploring relevant cybersecurity and functional safety standards

Examining the safety and cybersecurity lifecycle

Safety lifecycle

Cybersecurity lifecycle

Summary

Further reading

Chapter 2: SIS Evolution and Trends

The history and evolution of SISs

The need for protecting SISs

ICS cyber risk trends and evolution

The intersection of safety and cybersecurity

ICS threat landscape

ICS cybersecurity incidents and lessons learned

Chapter 3: SIS Security Design and Architecture

Understanding DiD and LOPA principles

The DiD strategy

The LOPA strategy

ICS security design and architecture

The Purdue model

ICS key components for safety functions

ICS zoning and conduits

SIS secure architecture

Managing entry points

Example SIS reference architectures

Safety network protocols

HART

Modbus

OPC

SafeEthernet (HIMA)

Vnet/IP (Yokogawa)

ProfiSafe

Functional Safety Over EtherCAT (FSoE)

CIP Safety

CC-Link Safety

openSAFETY

ICS proprietary protocols

Lab exercise - TRITON

Part 2: Attacking and Securing SISs

Chapter 4: Hacking Safety Instrumented Systems

ICS attacks

Process (physical) attacks

Cyber attacks

Understanding the SIS attack surface

SuCs

Abusing the HMI

Attacking the SIS controller

(P)0wning the S-EWS

Abusing the IAMS

Replaying traffic.

Reverse engineering a transmitter of field devices

Bypassing a key switch

Putting it all together

Lab exercise - ReeR MOSAIC M1S safety PLC security assessment

Chapter 5: Securing Safety Instrumented Systems

Security design and engineering

The secure-by-design principle

Managing the ICS cybersecurity lifecycle

Technology and product selection

CSMSs

SIS - The need for integral security

Operational policies and procedures

GOM

Operation and cybersecurity maintenance

Hazard

Criticality

Reliability

Part 3: Risk Management and Compliance

Chapter 6: Cybersecurity Risk Management of SISs

Importance of cyber risk assessment

Risk assessment objectives

SIS risk assessment principles

Consequence-based risk assessment

Cybersecurity risk assessment methodologies

Conducting risk assessments in SISs

IEC 62443-3-2

BowTie

NAMUR

The continuous nature of risk assessment

Chapter 7: Security Standards and Certification

The evolution of standards and legislation

Industry-relevant certifications

Identifying key stakeholders and the broader ecosystem

Resources and initiatives

Chapter 8: The Future of ICS and SIS: Innovations and Challenges

The current state of ICS cybersecurity innovation

Emerging technologies including opportunities and challenges

Artificial Intelligence

Quantum computing

Cloud computing

Autonomous operations

Zero Trust

Self-healing systems

Index

Other Books You May Enjoy.

Notes:

Includes bibliographical references and index.

Description based on publisher supplied metadata and other sources.

Description based on print version record.

ISBN:

9781801071864

1801071861

OCLC:

1451100519